• Convergence Security Journal
• /
• v.18 no.5_2
• /
• pp.21-27
• /
• 2018

Most of the Internet users in Korea are issued certificates and use them for various tasks. For this reason, it is recommended that accredited certification authorities and security related companies and use public certificates on USB memory and portable storage devices rather than on the user's desktop. Despite these efforts, the hacking of the certificate has been continuously occurring and the financial damage has been continuing. Also, for security reasons, our military has disabled USB to general military users. Therefore, this study proposes a two-factor method using the unique information of the USB memory and the PC which is owned by the user, and suggests a method of managing the private key file secure to the general user. Furthermore, it will be applied to national defense to contribute to the prevention of important data and prevention of access by unauthorized persons.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.8
• /
• pp.4076-4092
• /
• 2019

Nowadays, most users access internet through mobile applications. The common way to authenticate users through websites forms is using passwords; while they are efficient procedures, they are subject to guessed or forgotten and many other problems. Additional multi modal authentication procedures are needed to improve the security. Behavioral authentication is a way to authenticate people based on their typing behavior. It is used as a second factor authentication technique beside the passwords that will strength the authentication effectively. Keystroke dynamic rhythm is one of these behavioral authentication methods. Keystroke dynamics relies on a combination of features that are extracted and processed from typing behavior of users on the touched screen and smart mobile users. This Research presents a novel analysis in the keystroke dynamic authentication field using two features categories: timing and no timing combined features. The proposed model achieved lower error rate of false acceptance rate with 0.1%, false rejection rate with 0.8%, and equal error rate with 0.45%. A comparison in the performance measures is also given for multiple datasets collected in purpose to this research.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1273-1288
• /
• 2016

With the swift growth of wireless technologies, an increasing number of users rely on the mobile services which can exchange information in mobile networks. Security is of key issue when a user tries to access those services in this network environment. Many authentication schemes have been presented with the purpose of authenticating entities and wishing to communicate securely. Recently, Chou et al. and Farash-Attari presented two ID authentication schemes. They both claimed that their scheme could withstand various attacks. However, we find that the two authentication schemes are vulnerable to trace attack while having a problem of clock synchronization. Additionally, we show that Farash-Attari's scheme is still susceptible to key-compromise impersonation attack. Therefore, we present an enhanced scheme to remedy the security weaknesses which are troubled in these schemes. We also demonstrate the completeness of the enhanced scheme through the Burrow-Abadi-Needham (BAN) logic. Security analysis shows that our scheme prevents the drawbacks found in the two authentication schemes while supporting better secure attributes. In addition, our scheme owns low computation overheads compared with other related schemes. As a result, our enhanced scheme seems to be more practical and suitable for resource-constrained mobile devices in mobile networks.

• Proceedings of the CALSEC Conference
• /
• 2000.08a
• /
• pp.291-303
• /
• 2000

◈ 개요 ㆍ PC표준 USB포트에 바로 연결하여 사용 ㆍ 열쇠 크기의 휴대용 개인 정보보호 장치 ◈ 휴대용 전자서명기 ㆍ 별도의 리더기가 필요 없음 ㆍ Strong Authentication (Two-Factor 인증)(중략)

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6169-6187
• /
• 2017

With the fast growth of mobile services, Mobile Cloud Computing(MCC) has gained a great deal of attention from researchers in the academic and industrial field. User authentication and privacy are significant issues in MCC environment. Recently, Tsai and Lo proposed a privacy-aware authentication scheme for distributed MCC services, which claimed to support mutual authentication and user anonymity. However, Irshad et.al. pointed out this scheme cannot achieve desired security goals and improved it. Unfortunately, this paper shall show that security features of Irshad et.al.'s scheme are achieved at the price of multiple time-consuming operations, such as three bilinear pairing operations, one map-to-point hash function operation, etc. Besides, it still suffers from two minor design flaws, including incapability of achieving three-factor security and no user revocation and re-registration. To address these issues, an enhanced and provably secure authentication scheme for distributed MCC services will be designed in this work. The proposed scheme can meet all desirable security requirements and is able to resist against various kinds of attacks. Moreover, compared with previously proposed schemes, the proposed scheme provides more security features while achieving lower computation and communication costs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.13-21
• /
• 2006

Though authentication using biometric techniques has conveniences for people, security problems like the leakage of personal bio-information would be serious. Even if cancelable biometric is a good solution for the problems, only a few biometric authentication scheme with cancelable feature has been published. In this paper, we suggest a face authentication scheme with two security factors: password and face image. Using matching algorithm in the permuted domain, our scheme is designed to be cancelable in the sense that templates that is composed of permutation and weight vector can be changed freely.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.377-384
• /
• 2013

In order to improve the security strength in the password based user authentication, in which the security vulnerability is increased while the same password is repeatedly used, the OTP(One-Time Password) system has been introduced. In the OTP systems, however, the user account information and OTP value may be hacked if the user PC is infected by the malicious codes, because the user types the OTP value, which is generated by the mobile device synchronized with the server, directly onto the user PC. In this paper, we propose a new method, called DTOTP(Dual Transmission OTP), to solve this security problem. The DTOTP system is an improved two-factor authentication method by using the dual transmission, in which the user performs the server authentication by typing the user account and password information onto the PC, and then for the OTP authentication the mobile device scans the QR code displayed on the PC and the OTP value is sent to the server directly. The proposed system provides more improved security strength than that of the existing OTP system, and also can adopt the existing OTP algorithm without any modification. As a result, the proposed system can be safely applied to various security services such like banking, portal, and game services.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.66 no.12
• /
• pp.1899-1904
• /
• 2017

This paper presents a new one-time password approach generated based on $4{\times}4$ pattern schedule. It demonstrates generation of passkey from initial seed of random codes and mapping out in table pattern schedule which will produce a new form of OTP scheme in protecting information or data. The OTP-2FA has been recognized by many organizations as a landmark to authentication techniques. OTP is the solution to the shortcomings of the traditional user name/password authentication. With the application of OTP, some have benefited already while others have had second thoughts because of some considerations like cryptographic issue. This paper presents a new method of algorithmic approach based on table schedule (grid authentication). The generation of OTP will be based on the random parameters that will be mapped out in rows and columns allowing the user to form the XY values to get the appropriate values. The algorithm will capture the values and extract the predefined characters that produce the OTP codes. This scheme can work in any information verification system to enhance the security, trust and confidence of the user.

• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.81-90
• /
• 2023

Cloud computing is an emerging business model popularized during the last few years by the IT industry. Providing "Everything as a Service" has shifted many organizations to choose cloud-based services. However, some companies still fear shifting their data to the cloud due to issues related to the security and privacy. The paper suggests a novel Trust based Mutual Authentication Mechanism using Secret P-box based Mutual Authentication Mechanism (TbMAM-SPb) on the criticality of information. It uses a particular passcodes from one of the secret P-box to act as challenge to one party. The response is another passcode from other P-box. The mechanism is designed in a way that the response given by a party to a challenge is itself a new challenge for the other party. Access to data is provided after ensuring certain number of correct challenge-responses. The complexity can be dynamically updated on basis of criticality of the information and trust factor between the two parties. The communication is encrypted and time-stamped to avoid interceptions and reuse. Overall, it is good authentication mechanism without the use of expensive devices and participation of a trusted third party.

• Journal of the Korea Convergence Society
• /
• v.10 no.12
• /
• pp.63-69
• /
• 2019

Using a smartphone allows quick and easy authentication and payment. However, smartphone security threats are evolving into a variety of new hacking technologies, and are changing to attacks specific to the mobile environment. Therefore, there is a demand for an authentication method suitable for a mobile environment. In order to solve security weaknesses in knowledge-based authentication, many companies provide two-step authentication services such as OTP(One Time Password) to provide authentication services such as finance, games, and login. Although OTP service is easy to use, it is easy to duplicate random number table and has a disadvantage that can be reused because it is used as valid value within time limit. In this paper, we propose a mechanism that enables users to quickly and easily authenticate with high security using the authentication method that recognizes special characters through smartphone's dedicated application.